Endpoint Security Risk & Compliance Lead

Toronto, ON
Permanent
Full-time

2 days ago

Job DescriptionWhat is the opportunity?The Endpoint Security Risk & Compliance Lead will be responsible for risk management, audit, and regulatory compliance activities for the Endpoint Security team. They will partner closely with technical Endpoint Security teams, Security Risk teams, and auditors to help ensure compliance with relevant regulations and industry standards. The lead will also drive the development and maintenance of reporting to ensure transparency and accountability for overall compliance with business and governance activities, including the development and implementation of policies, procedures, and controls to maintain the highest level of endpoint security risk management and compliance.What will you do?Stakeholder Collaboration: Work closely with endpoint security teams, IT operations, and risk partners to understand security controls and processes and manage risks.Audit & Regulatory Engagement Leadership: Champion audit, regulatory, and key control engagements with support from technical teams to drive accurate and meaningful responses for evaluators while also identifying areas for learning and improvement.Risk Management: Own primary accountability for endpoint security risk management across endpoint security products. Capturing risks, tracking risks through their lifecycle, and supporting technical teams driving towards remediation.Reporting & Remediation: Drive the development, distribution, and maintenance of meaningful reporting for key governance and compliance metrics relating to endpoint security (e.g., patching, certificate management, and password rotations.).Supplier Management Governance: Manage regular reviews of endpoint security technology solutions relating to supplier and data risk, model risk, and exit strategiesWhat do you need to succeed? Must-haveExcellent leadership and collaboration skills: The ability to collaborate with various stakeholders, including endpoint security teams, IT operations, and risk partners, is crucial for success in this role. The candidate must understand, speak, and write in both technical and simplified language, translating technical concepts between various audiences and partner teams including communications to auditor or regulator audiences.Audit and regulatory compliance expertise: Experience with audit and regulatory engagements, including knowledge of relevant laws, regulations, and industry standards (e.g., NIST, SWIFT, PCI-DSS, GDPR), is essential for this position.Strong understanding of security risk management frameworks: The ideal candidate should have in-depth knowledge of security best practices, risk management principles, and industry-recognized security frameworks.Experience with reporting and metrics ownership: The ability to develop and maintain meaningful reports and metrics to measure endpoint security governance and compliance is critical for this role.Nice-to-have:Certifications in information security (e.g., CISSP, CCSP, CRISC, CIAM, ITIL)Previous work experience within the Finance or Insurance sector or other large enterprise industryUnderstanding of security technologies such as anti-virus, data monitoring and protection, cryptography, identity and access management, and vulnerability scanning technologiesKnowledge of enterprise environments including IT ecosystems, software networks, traditional on-premise infrastructure and cloud platforms (AWS, Azure, GCP)Experience with agile methodologies and tools, such as Jira or Azure DevOps, for backlog management and sprint planningWhat is in it for you?We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success
that is mutual.A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.Leaders who support your development through coaching and managing opportunities.Ability to make a difference and lasting impact.Work in a dynamic, collaborative, progressive, and high-performing team.A world-class training program in financial services.Opportunities to do challenging work.#LI-POST#TECH PJJob Skills Collaborating, Compliance Activities, Confidentiality, Cyber Security Management, Decision Making, Detail-Oriented, Endpoint Security, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security, Regulatory Compliance, Risk Management, Security Risk Management, Strategic Thinking, Vulnerability Management, Vulnerability ScanningAdditional Job DetailsAddress: 16 YORK ST:TORONTOCity: TorontoCountry: CanadaWork hours/week: 37.5Employment Type: Full timePlatform: TECHNOLOGY AND OPERATIONSJob Type: RegularPay Type: SalariedPosted Date: 2025-09-02Application Deadline: 2025-09-15Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date aboveInclusion and Equal Opportunity EmploymentAt RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.Join our Talent CommunityStay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at .

Royal Bank of Canada

Apply Now